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DETAILED ACTION 

Priority 

1 . Acknowledgment is made of applicant's claim for foreign priority under 35 
U.S.C. 119(a)-(d). The certified copy has been filed. 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1-4, 7-11, 13 and 17 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Weiss et al., (hereinafter Weiss), (US Publication No. 2002/0144144). 

In reference to claim 1, Weiss teaches a method / system comprising: a plurality of sub- 
networks [figure 1]; an authentication server for authenticating a client in one of the 
plurality of sub-networks in response to an authentication request of the client when 
establishing a communication session for packet communication between the terminal 
of the client and a different sub-network as a client's target [paragraph 3, lines 9-16]; an 
address processing unit for executing, after the authentication by the authentication 
server and on the basis of an instruction from the authentication server, an address 
processing of packet signals in packet communication between the client's terminal and 
the sub-network as the client's target [paragraph 3, lines 16-24]. 
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In reference to claim 2, Weiss teaches the method / system of claim 1 wherein: the 
authentication request from the client includes data of the sub-network as the client's 
target [paragraph 3]. 

In reference to claim 3, Weiss teaches the method / system of claim 1 wherein: the 
authentication server has a correspondence table provided for each client and showing 
one or more sub-networks as client's targets and specifies the sub-network as the 
client's target on the basis of the correspondence table, and an address translation table 
showing the correspondence between data specifying the communication session on 
the packet signal and address data corresponding to the sub- network as the client's 
target, is set in the address processing unit [paragraphs 3, 9 and 28, (encapsulation)]. 

In reference to claim 4, Weiss teaches the method / system of claim 3 wherein: the 
client's terminal sends out the packet signal by setting the address of the address 
processing unit as destination address [paragraph 3, encapsulation]; and the address 
processing unit specifies the sub-network as the client's target on the basis of the data 
specifying the communication session on the packet signal in the address translation 
table, and translates the destination address of the packet signal to address data 
corresponding to the specified sub-network [paragraph 3, encapsulation]. 
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In reference to claim 7, Weiss teaches the method / system of claim 1 wherein: the 
address processing unit receiving a packet signal addressed to the client from the sub- 
network as the client's target, translates the source address of the packet signal to the 
own address and sends out resultant packet signal [paragraph 3, encapsulation]. 

In reference to claim 8, Weiss teaches the method / system of claim 1 wherein: the sub- 
network has a gateway unit, and the address of the gateway unit is used as the address 
corresponding to the sub-network [paragraph 3, local VPN gateway, remote VPN 
gateway]. 

In reference to claim 9, Weiss teaches the method / system of claim 8 wherein: the 
gateway unit and the client terminal have a function of tunnel communication with 
respect to the packet signal having been capsulated by adding a capsulation header 
describing the address [paragraph 3, encapsulation]; and the gateway unit deletes the 
capsulation header from the packet signal addressed to the gateway unit and feeds the 
resultant packet signal to the own sub-network [paragraph 3, encapsulation]. 

In reference to claim 10, Weiss teaches the method / system of claim 9 wherein: the 
gateway unit records, in correspondence to one another, the source address of the 
packet signal addressed to its own in the capsulation header and the address assigned 
to the client's terminal in the own network, and when detecting a packet signal with the 
correspondence address as the destination address, encapsulates the packet signal by 
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setting the source address in the capsulation header that is made to correspond to the 
correspondence address as the destination address of the packet signal and also 
setting the own address as the source address of the packet signal for sending out the 
packet signal [paragraph 3]. 

In reference to claim 1 1 , Weiss teaches the method / system of claim 1 wherein: a 
plurality of the sub-networks are connected to pluralities of authentication servers and 
each have a proxy authentication server; the client's terminal executes the request of 
the client authentication by accessing the proxy authentication server; and the proxy 
authentication server specifies the authentication server of the sub-network as the 
client's target on the basis of the authentication request from the client, inquires the 
specified authentication server about whether the authentication is possible or not, and 
when the ! client is certified by the authentication server allows the client's accessing 
[paragraphs 35 and 38]. 

In reference to claim 13, Weiss teaches the method / system of claim 1 wherein: the 
authentication server reports, at the time of the client authentication, the address of the 
address processing unit to be accessed to the terminal of the pertinent client; and the 
client terminal executes packet communication with the sub-network as the client's 
target via the address processing unit reported from the authentication server 
[paragraphs 3, 28 and 38]. 
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In reference to claim 17, Weiss teaches the method / system of claim 2 wherein: the 
authentication server has a correspondence table provided for each client and showing 
one or more sub-networks as client's targets and specifies the sub-network as the 
client's target on the basis of the correspondence table, and an address translation table 
showing the correspondence between data specifying the communication session on 
the packet signal and address data corresponding to the sub- network as the client's 
target, is set in the address processing unit [paragraphs 9 and 28]. 

3. Claims 1-10, 12 and 14-20 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Paulsen et al., (hereinafter Paulsen), (US Patent No. 6,055,575). 

In reference to claim 1, Paulsen teaches a method / system comprising: a plurality of 
sub-networks [figure 1]; an authentication server for authenticating a client in one of the 
plurality of sub-networks in response to an authentication request of the client when 
establishing a communication session for packet communication between the terminal 
of the client and a different sub-network as a client's target; an address processing unit 
for executing, after the authentication by the authentication server and on the basis of 
an instruction from the authentication server, an address processing of packet signals in 
packet communication between the client's terminal and the sub-network as the client's 
target [column 4, lines 22-49 and figure 1]. 
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In reference to claim 2, Paulsen teaches the method / system of claim 1 wherein: the 
authentication request from the client includes data of the sub-network as the client's 
target [column 5, line 55 - column 6, line 28]. 

In reference to claim 3, Paulsen teaches the method / system of claim 1 wherein: the 
authentication server has a correspondence table provided for each client and showing 
one or more sub-networks as client's targets and specifies the sub-network as the 
client's target on the basis of the correspondence table, and an address translation table 
showing the correspondence between data specifying the communication session on 
the packet signal and address data corresponding to the sub- network as the client's 
target, is set in the address processing unit [column 5, line 55 - column 6, line 28]. 

In reference to claim 4, Paulsen teaches the method / system of claim 3 wherein: the 
client's terminal sends out the packet signal by setting the address of the address 
processing unit as destination address; and the address processing unit specifies the 
sub-network as the client's target on the basis of the data specifying the communication 
session on the packet signal in the address translation table, and translates the 
destination address of the packet signal to address data corresponding to the specified 
sub-network [column 5, line 55 - column 6, line 28]. 
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In reference to claim 5, Paulsen teaches the method / system of claim 3 wherein: the 
source address is used as the data specifying the communication session on the packet 
signal [column 5, line 55 - column 6, line 28]. 

In reference to claim 6, Paulsen teaches the method / system of claim 5 wherein: 
session discrimination data is set on the packet signal as at least part of the data 
specifying the communication session [column 5, line 55 - column 6, line 28]. 

In reference to claim 7, Paulsen teaches the method / system of claim 1 wherein: the 
address processing unit receiving a packet signal addressed to the client from the sub- 
network as the client's target, translates the source address of the packet signal to the 
own address and sends out resultant packet signal [column 5, line 55 - column 6, line 
28]. 

In reference to claim 8, Paulsen teaches the method / system of claim 1 wherein: the 
sub-network has a gateway unit, and the address of the gateway unit is used as the 
address corresponding to the sub-network [column 5, line 55 - column 6, line 28]. 

In reference to claim 9, Paulsen teaches the method / system of claim 8 wherein: the 
gateway unit and the client terminal have a function of tunnel communication with 
respect to the packet signal having been capsulated by adding a capsulation header 
describing the address; and the gateway unit deletes the capsulation header from the 
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packet signal addressed to the gateway unit and feeds the resultant packet signal to the 
own sub-network [column 5, line 55 - column 6, line 28]. 

In reference to claim 10, Paulsen teaches the method / system of claim 9 wherein: the 
gateway unit records, in correspondence to one another, the source address of the 
packet signal addressed to its own in the capsulation header and the address assigned 
to the clients terminal in the own network, and when detecting a packet signal with the 
correspondence address as the destination address, encapsulates the packet signal by 
setting the source address in the capsulation header that is made to correspond to the 
correspondence address as the destination address of the packet signal and also 
setting the own address as the source address of the packet signal for sending out the 
packet signal [column 5, line 55 - column 6, line 28]. 

In reference to claim 12, Paulsen teaches the method / system of claim 6 wherein: the 
authentication server issues session discrimination data specifying the communication 
session to the terminal of the client certified either directly by it or via the authentication 
server; and the client's terminal adds the session discrimination data issued from the 
authentication server to the packet signal [column 5, line 55 - column 6, line 28]. 

In reference to claim 14, Paulsen teaches the method / system of claim 1 wherein: the 
sub-network has a gateway unit positioned as the client; and the gateway unit executes 
tunnel communication of the capsulated packet signal with the sub-network as the 
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target of the client in the own sub-network, executes, when receiving an authentication 
request for the communication session establishment from the client in the Own sub- 
network, the client authentication request to the authentication server in lieu of the 
client, and uses session discrimination data for specifying the communication session 
as at least part of the data specifying the communication session on the packet signal 
[column 5, line 55 - column 6, line 28]. 

In reference to claim 15, Paulsen teaches the method / system of claim 14 wherein: the 
server reports, in response to the client authentication request from the gateway unit, 
the data specifying the address of the sub-network as the client's target to the gateway 
unit; and when the gateway unit detects the packet signal addressed to the sub-network 
as the client's target on the basis of the data reported from the authentication server, it 
specifies the client from the source addresses of the packet signal, and when it confirms 
that the specified client has received the authentication for the communication session 
establishment, it encapsulates the packet signal by setting the session discrimination 
data in part of the capsulation header and sends out the capsulated packet signal to the 
address processing unit [column 5, line 55 - column 6, line 28]. 

In reference to claim 16, Paulsen teaches a method / system comprising: an 
authentication server executes authentication of a client in an open network in response 
to an authentication request from the client at the time of the accessing of a department 
network by the client, and an address processing unit executes, after the authentication 
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of the client by the authentication server and on the basis of an instruction from the 
authentication server, an address processing of packet signal concerning packet 
communication between the client and the department network [column 4, lines 22-49 
and figure 1]. 

In reference to claim 17, Paulsen teaches the method / system of claim 2 wherein: the 
authentication server has a correspondence table provided for each client and showing 
one or more sub-networks as client's targets and specifies the sub-network as the 
client's target on the basis of the correspondence table, and an address translation table 
showing the correspondence between data specifying the communication session on 
the packet signal and address data corresponding to the sub- network as the client's 
target, is set in the address processing unit [column 5, line 55 - column 6, line 28]. 

In reference to claim 18, Paulsen teaches the method / system of claim 4 wherein: the 
source address is used as the data specifying the communication session on the packet 
signal [column 5, line 55 - column 6, line 28]. 

In reference to claim 19, Paulsen teaches the method / system of claim 2 wherein: the 
address processing unit receiving a packet signal addressed to the client from the sub- 
network as the client's target, translates the source address of the packet signal to the 
own address and sends out resultant packet signal [column 5, line 55 - column 6, line 
28]. 



Application/Control Number: 10/827,347 Page 12 

Art Unit: 2145 



In reference to claim 20, Paulsen teaches the method / system of claim 3 wherein: the 
address processing unit receiving a packet signal addressed to the client from the sub- 
network as the client's target, translates the source address of the packet signal to the 
own address and sends out resultant packet signal [column 5, line 55 - column 6, line 
28]. 

Conclusion 

4. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to William J. Goodchild whose telephone number is (571) 
270-1589. The examiner can normally be reached on Monday - Friday / 9:00 AM - 5:00 
PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jason Cardone can be reached on (571) 272-3933. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

WJG 

10/25/2007 
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